The GitHub Actions job "Java CI with Gradle" on ofbiz-framework.git/enhance-jwt-validation has failed. Run started by GitHub user jacopoc (triggered by jacopoc).
Head commit for run: 750591ca9d0ddfd7b6292bbc566dd5452e4de0df / Jacopo Cappellato <[email protected]> Implemented: JWT validation for tokens issued by an external authentication server. The system now supports two token validation modes: 1) External authentication server (JWK-based): if an issuer is configured in the "security.token.issuer" property, the token is verified using a JWK provider and the issuer's public key used to sign the token. 2) Local HMAC verification: If no issuer is configured, the token is verified locally using an HMAC key derived from the secret key configured in the "security.token.key" (and optionally a salt). This is the legacy mode whose behavior is not affected by this change. With the default configuration, this is the method used by OFBiz for token verification. Thanks: Anahita Goljahani for the analysis and research about OAuth 2.0/OpenID Connect providers and for the tests. Report URL: https://github.com/apache/ofbiz-framework/actions/runs/19267071089 With regards, GitHub Actions via GitBox
